package com.xinzhi.config;

import com.xinzhi.fiter.JwtAuthenticationTokenFilter;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.BeanIds;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import java.util.HashMap;

@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Bean(name = BeanIds.AUTHENTICATION_MANAGER)
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // 表单认证
        http.formLogin()
                //修改底层Security参数字段为phonenumber和password
                .usernameParameter("phonenumber")
                .passwordParameter("password")
//        认证成功处理
                .successHandler(((request, response, authentication) -> {
                    HashMap<String, Object> map = new HashMap<>();
                    map.put("msg", "认证成功");
                    map.put("status", 200);
                    map.put("用户信息", authentication.getPrincipal());
                    response.setContentType("application/json;charset=UTF-8");
                    String s = new ObjectMapper().writeValueAsString(map);
                    response.getWriter().println(s);
                }))
//         认证失败处理
                .failureHandler(((request, response, exception) -> {
                    HashMap<String, Object> map = new HashMap<>();
                    map.put("msg", "认证失败");
                    map.put("status", 500);
                    map.put("异常信息", exception.getMessage());
                    response.setContentType("application/json;charset=UTF-8");
                    String s = new ObjectMapper().writeValueAsString(map);
                    response.getWriter().println(s);
                }));
        //拦截
        http.authorizeRequests()
                .antMatchers("/user/loginpassword","/user/logincode").permitAll()
                // todo:记得这里需要放开登录的前端界面
                .anyRequest().permitAll();
        // 异常处理
        http.exceptionHandling()
                .accessDeniedHandler(((request, response, accessDeniedException) -> {
                    HashMap<String, Object> map = new HashMap<>();
                    map.put("msg", "禁止访问");
                    map.put("status", 403);
                    map.put("异常信息", accessDeniedException.getMessage());
                    response.setContentType("application/json;charset=UTF-8");
                    String s = new ObjectMapper().writeValueAsString(map);
                    response.getWriter().println(s);
                }));
        // 记住我功能
        http.rememberMe().tokenValiditySeconds(7 * 24 * 3600);
        http.logout().logoutSuccessHandler(((request, response, authentication) -> {
            HashMap<String, Object> map = new HashMap<>();
            map.put("msg", "退出成功");
            map.put("status", 200);
            response.setContentType("application/json;charset=UTF-8");
            String s = new ObjectMapper().writeValueAsString(map);
            response.getWriter().println(s);
        }));
        // 解除跨域保护
        http.csrf().disable();
    }

}